Pricing
Case studies
Login
Start trial
The leading open source vulnerability database
Instantly mitigate vulnerabilities in WordPress websites with Patchstack.
See pricing
Rated 4.9
Total
38,625
Mitigations
Mitigation rules
14,168
No official patch
10,985
In triage
1,340
Published soon
28
Stats
WordPress stats
Search
Everything
Vulnerabilities
Priority
CVSS
0
10
Mitigation available
Exploited
Clear
Affected software | Vulnerability
Risk
Disclosed
Post Duplicator
<= 3.0.8
Missing Authorization to Authenticated (Contributor+) Protected Post Meta Insertion via 'customMetaData' Parameter vulnerability
4.3
1 hour ago
WP Recipe Maker
<= 10.2.3
Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability
4.3
1 hour ago
Disable Admin Notices individually
<= 1.4.2
WordPress Disable Admin Notices - Hide Dashboard Notifications plugin <= 1.4.2 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
4.3
1 hour ago
Secure Copy Content Protection and Content Locking
<= 5.0.1
Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attribute vulnerability
6.5
1 hour ago
Responsive Lightbox
<= 2.7.1
Authenticated (Author+) Server-Side Request Forgery via Remote Library Image Upload vulnerability
5
1 hour ago
Rise Blocks
<= 3.7
WordPress Rise Blocks - A Complete Gutenberg Page Builder plugin <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Site Identity Block Attributes vulnerability
6.5
2 hours ago
ElementsKit Elementor addons Lite
< 3.7.9
Unauthenticated Mailchimp REST Endpoint vulnerability
6.5
12 hours ago
The Plus Addons for Elementor Page Builder Lite
<= 6.4.7
WordPress The Plus Addons for Elementor - Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin <= 6.4.7 - Unauthenticated Email Relay vulnerability
5.3
12 hours ago
Conditional CAPTCHA
<= 4.0.0
Open Redirect vulnerability
4.7
12 hours ago
Ebook Store
<= 5.8001
Reflected Cross-Site Scripting via 'step' vulnerability
7.1
17 hours ago
WP Ad Guru
<= 2.5.4
Reflected Cross-Site Scripting vulnerability
7.1
18 hours ago
Simple Membership
<= 4.7.0
Unauthenticated Improper Handling of Missing Values vulnerability
6.5
1 day ago
WP Customer Reviews
<= 3.7.5
Reflected Cross-Site Scripting via 'wpcr3_fname' Parameter vulnerability
7.1
1 day ago
Shield Security
<= 21.0.8
Unauthenticated Reflected Cross-Site Scripting via 'message' Parameter vulnerability
7.1
1 day ago
xmlrpc attacks blocker
<= 1.0
Unauthenticated Stored Cross-Site Scripting via 'X-Forwarded-For' vulnerability
7.1
1 day ago
iXML
<= 0.6
WordPress iXML - Google XML sitemap generator plugin <= 0.6 - Reflected Cross-Site Scripting via 'iXML_email' Parameter vulnerability
7.1
1 day ago
Easy Author Image
<= 1.7
Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Picture URL vulnerability
6.5
1 day ago
Wholesale Suite
<= 2.2.1
Privilege Escalation vulnerability
7.2
4 days ago
Woocommerce Wholesale Lead Capture
<= 1.17.8
Privilege Escalation vulnerability
9.8
4 days ago
Woocommerce Wholesale Lead Capture
<= 1.17.8
Arbitrary File Upload vulnerability
9
4 days ago
Load more